Adding financial accounts such as payment cards to a mobile device has historically consisted of simply entering the account number into software generally connected directly to a server or cloud database. US patent application publication 20140006277 represents one such invention that allows users to simply enter their financial accounts into a digital wallet. Few if any security limits are placed on which cards can be added to a smart wallet.
Because of limited security validation processes, the risk of theft of credit card information associated with the use of digital electronic and/or smart wallets is increased. For instance, when a cashier receives a credit card from its owner, the cashier may simply swipe the card to store its contents onto a digital, electronic or smart wallet, as a non-limiting example. The cashier can later reuse the credit card without the owner's approval, thereby stealing money from the credit card owner or even the identity of the credit card owner.
Current methods to prevent such fraud include but are not limited to verifying account information and/or validating user identity over the Internet. Such methods cannot always protect privacy and are susceptible to other fraudulent attacks, such as man-in-the-middle attacks. Passing financial account and other private information over a cloud connection or any network connection to perform authentication, validation, verification, storage, background checks and the like, facilitates identity theft rather than prevents it, since such information can be intercepted by others over these public networks. Furthermore, a live network connection is required to access the verification service, making authentication impossible within a local, offline environment.